mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 20:12:31 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDEV-10404 - Improved systemd service hardening causes SELinux problems

Browse source 
Disabled NoNewPrivileges until SELinux policy is fixed.
This commit is contained in:
Sergey Vojtovich 2016-08-17 13:57:34 +04:00
parent 48fbb2bf07
commit 1e160e5cb3
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
support-files/mariadb.service.in
View file

@ -48,7 +48,8 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc
ProtectSystem=full
NoNewPrivileges=true
# Doesn't yet work properly with SELinux enabled
# NoNewPrivileges=true
PrivateDevices=true

3
support-files/mariadb@.service.in
View file

@ -55,7 +55,8 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc
ProtectSystem=full
NoNewPrivileges=true
# Doesn't yet work properly with SELinux enabled
# NoNewPrivileges=true
PrivateDevices=true